| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css | 104.17.25.14 | | 5.8 kB |
URL cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css IP104.17.25.14:0
File typeASCII text, with very long lines (65536), with no line terminators Hashe9365fe85b7e4db79a87015e52c3db6c 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9 dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 06:14:57 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1120450
expires: Mon, 14 Apr 2025 06:14:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MehzTcmoteqDVmKGfxswWTZTGVt1DoNT9Andz6I%2B7U%2BxcVeY4ZlmcAfpMyny2XvDCwUIt1%2FKdWi0tp47BV2cm3mJl%2FmNJF0O9eH0t0c%2Fup9LUC35ppv8IcobmlXJomRfY5o5WQ4l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8793f4c38b6656c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.ibb.co/Wg8qQxh/facebook-text.png | 162.19.58.157 | | 29 kB |
URL i.ibb.co/Wg8qQxh/facebook-text.png IP162.19.58.157:0
File typePNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced Hash74190b93fc4f5d88f0c8e6411ba20bd8 89ce2ecb660a90b8e6ed1b335443d7767c59f28a 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 06:14:57 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| telegra.ph/file/d8f63c616348e86fb7ac2.jpg | 149.154.164.13 | | 10 kB |
URL telegra.ph/file/d8f63c616348e86fb7ac2.jpg IP149.154.164.13:0 ASN#62041 Telegram Messenger Inc
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 512x512, components 3 Hash2c37914ef06b1c3c379fca122ced0513 23973cafe2108868ef3de6cac3cba6f95647eb58 aab6f15b5d13e0ab98cf29eccbe27af4ebc48056c3155e5f0b1bc39cfd5d6962
GET /file/d8f63c616348e86fb7ac2.jpg HTTP/1.1
Host: telegra.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 24 Apr 2024 06:14:57 GMT
content-type: image/jpeg
content-length: 10340
cache-control: max-age=10800, must-revalidate
expires: Wed, 24 Apr 2024 09:14:57 GMT
etag: "7c706a64504c2cb3fefd07de3e81a66d36761c4b"
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-1.10.2.min.js | 151.101.194.137 | | 33 kB |
URL code.jquery.com/jquery-1.10.2.min.js IP151.101.194.137:0
File typeJavaScript source, ASCII text, with very long lines (32072) Hash628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 24 Apr 2024 06:14:57 GMT
age: 19138692
x-served-by: cache-lga13622-LGA, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 1, 109850
x-timer: S1713939298.954463,VS0,VE0
vary: Accept-Encoding
content-length: 32788
X-Firefox-Spdy: h2
|
|
| n8-h6.net-x.xyz/img/popup-close.png | 188.114.96.1 | | 422 B |
URL n8-h6.net-x.xyz/img/popup-close.png IP188.114.96.1:0
File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced Hashd45afd0750df1473f2835dceb7933be8 25fe98b2ed17c8d857094d1d254fcc2a2f34c363 fd5d4a16b40eb27ac0372e93f5f0f9faa21032d1004a980838024f99798b37c8
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/popup-close.png HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/png
content-length: 422
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95Jy0Rl2t98yPZNQRsNsRTBglHC2cITtSiOvuY5LBSUwzu8aMwPBGqYrvX6hAvqv3hy8VPt3xK1CCoaJvN%2BbisbKSM7XsmcjGgfcqWBvNuqk0PDqnqt5n3h2o2xH%2BSwbn7o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c388beb529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/bff.png | 188.114.96.1 | | 11 kB |
URL n8-h6.net-x.xyz/img/bff.png IP188.114.96.1:0
File typePNG image data, 459 x 138, 8-bit/color RGBA, non-interlaced Hashf77fe97fc8f4d06fd93eaf7552c4a3e9 c73f03f3e5a9f460eb83e10ae7312738a36ce720 b695d33c5ece1af9739e89855c4cc718fd6e9550528009ee5ff644cac193cb41
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/bff.png HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/png
content-length: 11185
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8acSqJNSaK0k1oVGvQ4fQYYDnwhNmtZ5oh%2FO%2FwPhiTkUuxKr%2FOcOG1vDzubZ2%2FSgqbMB5gf8MOIZjIh1eZw%2BfmcFvlvX4DAWMXquo2a7HFxoyeNR81%2FxiUcJ4fHqumKAe58%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c388bbb529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/tokens.png | 188.114.96.1 | | 21 kB |
URL n8-h6.net-x.xyz/img/tokens.png IP188.114.96.1:0
File typePNG image data, 480 x 120, 8-bit/color RGBA, non-interlaced Hash473833883cfc465f8ce5f007187461fb 77531888cfe50ad3a9a5572f2f12efe13909a61e 51951dd1d36ce7e606a323aa14770d286e1d1d6b7f7d191d5b161235270ef7c7
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/tokens.png HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/png
content-length: 21002
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WnPfkNzOxSTpCugVBPu%2BpCDOPGLmc197tHQc77AEJr5TORHTT1oQIe1uD4qDAhQ1B35tiF5VSbVqbL%2Bg1RX5CiilmObt%2F1ImdnpgZn%2Bve5bBgGfhA9Ipu0EPJ4Ept52htbQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c36898b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/rewards/1.jpg | 188.114.96.1 | | 28 kB |
URL n8-h6.net-x.xyz/img/rewards/1.jpg IP188.114.96.1:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3 Hashe30bcec75f2c4c077d907d4bbcd499be c3d769b0d136589e4f4c4d6ad4ab62a804cd9257 c54db05983dc834cdacc66e3d4bf97b9714c51c7252dfe2beea29dd290cfd42d
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/rewards/1.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 28200
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVhSeuKg3xzpOS4gOp1ZyDpV0kqTdvIdlprlt%2FOS3u4UMZP%2F%2FnHNx1E%2FBzEnzlEdCymFiWEdQIjhZgjMq7jq%2BTrPCbdv1YFhY5pRGNeSJ6RFJEGeiPQEi8wpdYUPcUqgWUc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c36897b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/rewards/2.jpg | 188.114.96.1 | | 23 kB |
URL n8-h6.net-x.xyz/img/rewards/2.jpg IP188.114.96.1:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3 Hash950ebcbde26134cbf74bfe2d753761c6 510ec4714b4923eef01c79c29c2736b9f55ceaaf 056a23671e32c208d1e1f83f7ee4396e2e1e72c27ec47257eceb4fbf0905ea39
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/rewards/2.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 22804
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wpQ%2Bgv3DsV52Op33pTIjNaHPjQbXAvHOjjBBUajG%2Fef%2Bnc%2Fxelq%2ByzRlEAmQUnJYi7ztPNkGCrGvuWXo8MN0vDaGbDEOxCArME%2FUpvyk0numuRg4mK8dksWZsSGhvZg%2Bv44%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c368a0b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/rewards/3.jpg | 188.114.96.1 | | 31 kB |
URL n8-h6.net-x.xyz/img/rewards/3.jpg IP188.114.96.1:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3 Hash1c88d95060ab733a9b2ba6989f2c8f49 07bf082e05dadf6e0eda4c5d2a12397ad23c4b78 fbf3170ab0dac3a8f61f37e3a7cdafd2734b9aaf89e4132777f9a0bf922a0c61
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/rewards/3.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 30888
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M45zILucSHhcy4X4ieSy5R8JYJ2PbUnTf44O96SRS%2F%2BGzf39I%2FjGkU4tF71NtPDr1d%2FCF2ygNTzTDuY%2Br4qfJYrZcbWuNb0KJhtGwtWcFFKNbfxggTPqdfkzONXK8JAogx8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c378a5b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/rewards/4.jpg | 188.114.96.1 | | 27 kB |
URL n8-h6.net-x.xyz/img/rewards/4.jpg IP188.114.96.1:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3 Hash99b68ca57582eeceab2beb71b7d12baf 29dafd5aeef8e9f765dcd457b773f8008aed5021 a89a0129966d6a3dd8dea5a3c498894dc66821e62668431f6ab474c00e70f405
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/rewards/4.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 26863
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRbtlNpV4ZTBYwT3Kgq44ioAQsC55GVN3MqzoY4rznVX%2FSO4yzTcMQvkCRTg8BbOFazPMEpu8ip2koo2CITgIEJDgsW0qfwAjJd9K0MjT2ZhC%2F377w%2F2dipcvdno6BfCNbo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c378a6b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/rewards/5.jpg | 188.114.96.1 | | 27 kB |
URL n8-h6.net-x.xyz/img/rewards/5.jpg IP188.114.96.1:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3 Hashe2ccdc69aa8d9dc22e63f6ed0dd299a9 87845ddd7b94fb61e19c28ffa9df83b4ca57be6e c6ec45b17e5977709a95e028613f6ce7418fc5c349a2771ed7e5df7ae59a1955
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/rewards/5.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 27367
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FT2%2FpXsTVlaLMLEQNCrYj%2BO1AHuseBD0wGQvr%2Bu07B4JMWMNKKDhgQnAlCeD2x1btmtedbY0tF0cU6zPtmDST35HjWXr3izjELpWXUvV2pKzFb9DDlWq%2FzDpAYmTlxHYGZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c378a8b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/rewards/6.jpg | 188.114.96.1 | | 23 kB |
URL n8-h6.net-x.xyz/img/rewards/6.jpg IP188.114.96.1:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3 Hashb92f86713a796e10f6b9ac90a666664f c4f8d34d0677e07c9ab3321ac00ae26695f708c3 759759f31a3cca1ad1754ed870a0f987c76a1c08452bb2ba23c3a3a6b1d015b7
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/rewards/6.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 22569
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V54xpMVVFfiFLz%2FAB6PudhuLjtfXRcbGJz2XMfUELcHr8NVt3OlqpyErLEzKbPwaEBSz5%2B435%2Fl5FrIrkRK8X9UZWTTCXPrcLS652obj8AMtdj8kcvOCZ79ekiOWwtyKZtg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c378a9b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/rewards/7.jpg | 188.114.96.1 | | 25 kB |
URL n8-h6.net-x.xyz/img/rewards/7.jpg IP188.114.96.1:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3 Hash417823719e6cfa032ab103bcd9ddc001 d783c6f4565097023f9205b3c39eee8b103c366a 465bb1e330b8cfb4d8500a5f3512c07d37c11d52df2caf4e91497adf87279869
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/rewards/7.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 24640
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6is08sf6TZJziPHtsVL7PpMtHQ9YsiDcJtY63XFQA2b%2FevK64zPz6dgVZVSVHsb%2FRevjLWxSeJ0uEPgovJSS%2BMvvIQyMKa9N8JnUAuqjVeyJN1luOoNt6yWOg4GsV37tUNI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c378aab529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/rewards/9.jpg | 188.114.96.1 | | 41 kB |
URL n8-h6.net-x.xyz/img/rewards/9.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3 Hash0a3bc56ffdbafea57688e25dd7d9df6a 9e99435786062b48bb69c5a1877d5e42a6772c3b b37ed8c76cdaaf9d952723eecbec7f63714c2d9edd875002df0bc8e2e08e4081
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/rewards/9.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 41316
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=blb50MrmWmtuRzonH%2FaTiM4%2BNfDn2UQZOOeyMdJq0wzQVjqPAs9oKZp%2BtqJUf1hszSwmkC40Lod2zEMRqW8wbHDbKiDaRBsd98zItv1xDgkvR5zUOVIdXDLrd85cfrSNRco%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c378b2b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 | 104.17.25.14 | | 38 kB |
URL cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 IP104.17.25.14:0
File typeWeb Open Font Format (Version 2), TrueType, length 38384, version 1.0 Hasha4d31128b633bc0b1cc1f18a34fb3851 6ee4c79372c3fd679706306ede47e4b03cf53d60 e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://n8-h6.net-x.xyz
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 38384
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03ed9-95f0"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 736407
expires: Mon, 14 Apr 2025 06:14:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DUPVo%2FMpF%2FRSR75dxUZTHY92D9kyeP%2F0iP3tadnWLmuG5jQILEBMwAXoWrRaOmUu75yL6Fk7QElQXW2WBRPJsBMj%2BZzR7hh3QEkB60YFPachbg5%2Bk%2BYm5wWMO3JAv2MiNUft1Jp2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8793f4c7bcd55695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/css/style.css | 188.114.96.1 | | 3.2 kB |
URL n8-h6.net-x.xyz/css/style.css IP188.114.96.1:0
File typeassembler source, ASCII text Hashcddf9eddfaed8c2264deeba327500fe8 752543f45ba9040b0404ef570c3fac437d86bb8e 801712498313e773d44046de1ec1826e5905f1e2351176a0b6dcf95d58319990
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /css/style.css HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3m2PhaUPHjjrDJn1GvYa%2FiVxo5TE8p6CUGAwuuTtmrj9FHZQToWh0%2BsqtioHULr9X4N7to8xaCytNhZutfjKQSwOO6c%2BsSsj4Y95MhgC5srvI4lPTQKsH8VFOQ7s3TdK984%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f4c3588bb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 | 216.58.207.227 | | 15 kB |
URL fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15044, version 1.0 Hash4806226b885b3b3d0ae52142f6bfb3af 2ea5cc6d5e4adb874989a2b74bda062296fb1ad3 714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://n8-h6.net-x.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 20:39:45 GMT
expires: Tue, 22 Apr 2025 20:39:45 GMT
cache-control: public, max-age=31536000
age: 120913
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 | 216.58.207.227 | | 15 kB |
URL fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15044, version 1.0 Hash4806226b885b3b3d0ae52142f6bfb3af 2ea5cc6d5e4adb874989a2b74bda062296fb1ad3 714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://n8-h6.net-x.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 20:39:45 GMT
expires: Tue, 22 Apr 2025 20:39:45 GMT
cache-control: public, max-age=31536000
age: 120913
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| n8-h6.net-x.xyz/img/rewards/11.jpg | 188.114.96.1 | | 45 kB |
URL n8-h6.net-x.xyz/img/rewards/11.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3 Hashf19212e0972cd4c0cbd1ae3b3e2f9bbc 14a1153ec4b178d369418a9084f79f235633f71b c6f38a26ae871b4f86d83579fd963468bf2e994b7f058b6047f98f89243ee968
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/rewards/11.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 45021
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nz42ZujPsurgamBAnbveWf0hhqH4id9UZFwxyFBjiZZrDmtnS7PtbiQHfo%2FbGAlMFfmYdj73e4kZTexXUTVTSd%2FwRTgAsDVC9q9LwDJTwGdYeKrjlrO72TuNRL6%2BHPI%2FN98%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c378b5b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/rewards/8.jpg | 188.114.96.1 | | 45 kB |
URL n8-h6.net-x.xyz/img/rewards/8.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, software=PicSay Pro 1.8.0.5, datetime=2024:04:06 18:10:54], baseline, precision 8, 480x480, components 3 Hash5aef10801a628f517f3fa40666a87f69 15122c24d494069114e94a966b2986375509c341 cb1f70e59a10258ae97521fc26ea10c2987a568835ee042706fb34e51363fa35
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/rewards/8.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 44897
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7aL2AxcT4mlxn6VcDxEp6AtH41sh%2FHfMU7YmA3bzjGsT%2Fz5RTzSvRh1YONq%2Fa%2BNvOzrngRlKk%2FvQm1ICFrfq%2Bw%2BN%2Fl5h1FeCpon2pbwkdGsmnyo1ntnfhS0Yaa%2FXxAf7xQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c378b1b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/rewards/10.jpg | 188.114.96.1 | | 43 kB |
URL n8-h6.net-x.xyz/img/rewards/10.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3 Hashb21d09600cb975ab27eb9079632386a8 16ce983e518d684c3b60af13624dc642068bbfb9 843810e9023f0e9dafbd0baa8266f5c83eaf4ed7b23975554f0d32cf5de6fb5d
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/rewards/10.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 43269
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SlJUyfoOPgBs5Ga5GJI%2BuT9BJBAOk1zxgeXtS%2FFBO%2F%2FdG0CZn%2F6uLwxfefvlveWI4UWtEUFosO9FFjJGdoeLYG0gmVnlxk3TUHHZ6s2MwsRoraYX1JsEG3f%2FL14EzAaFFXc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c378b3b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/rewards/12.jpg | 188.114.96.1 | | 43 kB |
URL n8-h6.net-x.xyz/img/rewards/12.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3 Hasha0c69273a26e8758529afbc255447a91 72ee2402ab145333749ab2b3f2a9ea650c17dea3 b7c04cfefa5ca5332c50be84d64b30cdd30a5ce6fd8e9d77c46b9399448056c1
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/rewards/12.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 42788
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8k6xsiS4J9g6REq0pS%2BSuj6Mm3vgoOvYZPy4HLKpaQoPdNjcS%2FYA77p8T74IS9XSXtoKt6iSAJucsaiXtIULxywLIEwLIPzUnH%2BUJHrtXJziPoAB3gQicuTp%2BRooKHplUn0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c388b9b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/gamecon.jpg | 188.114.96.1 | | 85 kB |
URL n8-h6.net-x.xyz/img/gamecon.jpg IP188.114.96.1:0
File typeRIFF (little-endian) data, Web/P image Hashe4dd890e64827b632c6f2a9f7960b709 fe750e7afa5634af5fdd82815a599817c9e227f0 163aad2fec6b167bec769c24b4156222392ebf25b9377d9278e20b811bc24d06
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/gamecon.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 84850
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MaF5jGBeaZjK1oIdzuNLV%2FOdS1QCwR6cJdxdIIl9H3RSjXbVV1chpPOZLn29%2F908LgpRIa6qUxAqLfMFgDJa4YayJQWlS7mu3vgq1CzAPcmw%2BED3L3iXdJJx6jnNdfOsbA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c398c2b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/css/login/twitter.css | 188.114.96.1 | | 1.1 kB |
URL n8-h6.net-x.xyz/css/login/twitter.css IP188.114.96.1:0
File typeASCII text, with CRLF line terminators Hash2f164bbfd5e607738fbfe3fc963cc726 90ebada80b8497a2e05b12b3912f3731f6fd9327 a0115bfa6b2d468bf58305d10347f46940a87587ecf003d4c23fa84f0b3fd8e7
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /css/login/twitter.css HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WUzGHpeNuT%2BeRw2UI7n3HFV2aJspnBZgHYi9NlhBR8jmLB5yYwyygip02NdATUgLZNgyFKPLNRlfudsXMxxAKI0Ldyj9NL%2BysQddQiN452a8b%2Bet4owXzwU7pRj37xUWNsw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f4c35890b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/popup-footer.png | 188.114.96.1 | | 1.6 kB |
URL n8-h6.net-x.xyz/img/popup-footer.png IP188.114.96.1:0
File typePNG image data, 480 x 45, 1-bit colormap, non-interlaced Hashff0757ae087db7b747fd2edd05fb05bb 8f545db349797e3499cc283b7d6427a572c3223b 239c98a9d91bad31fba09475147cc928f5a0f076563ac4e21f3182d44209a07d
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/popup-footer.png HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/png
content-length: 1606
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pRKXB2S%2FSzhxqihPhzqZxTglKIhe7zPNNqVwiGe0CmGxXU27iGmdX%2BjVix8kL71adsRrAbkJvgK6wu9FlvoOggjQrdTbwqYsyQLeh7XySM0Fzlgv6gYqtfCbEsgrP2Iy%2FnU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c76bc6b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/container.jpg | 188.114.96.1 | | 29 kB |
URL n8-h6.net-x.xyz/img/container.jpg IP188.114.96.1:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1399, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=527], progressive, precision 8, 527x1399, components 3 Hash656a9909c48f54651964f1c8367701a6 089fb0764624c59412418aadac080f7b3e5f7954 49992ecbf7cfd2699670e3f0e5cd55ab9583ccc214f84fcbc6ab9e4e61b81a77
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/container.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:59 GMT
content-type: image/jpeg
content-length: 28662
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NEVB6M0b%2FjkgYglOUWwhChXbQYug4qgcbSt9zAncEtF%2Bvx%2FbshafQBJryVgV0Dw%2BURrFy%2BQZQ1feHclwi7iN%2Fa00H0eBs3A6okm8uYFq9g3ex4JpdDhKoKYdAfwFVXoByu0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c72b8cb529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/navbar.jpg | 188.114.96.1 | | 28 kB |
URL n8-h6.net-x.xyz/img/navbar.jpg IP188.114.96.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x172, components 3 Hash1719363c262e5dc4a37c9781c363ae26 e3551b470efa9552c27c94ebdbae4b41618d6bb9 f555e12a2bb64109a2d5525f41b0220c200f63d2a0b6cc9525da06f3a67042ab
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/navbar.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:59 GMT
content-type: image/jpeg
content-length: 27487
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QdILmx%2BNpnHUkZcsU816fGW4%2FkV2icph4i6JO5zhPVREnEPe%2BxyBGXpuWyt8fq68Tg%2FCBy8hTLD4kKFJc8RvJ30VTgLzj4KkPRGyMTIBxyv4u57Gth6A4qccivVeLppUTWE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c74baeb529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/index.php | 188.114.96.1 | | 25 kB |
URL n8-h6.net-x.xyz/index.php IP188.114.96.1:0
File typeHTML document, Unicode text, UTF-8 text Hash6184050e6d88836bb15804288d38088a 67f45a8f13cbcfa8465e9c380f7bf26cb1b568ab 1033dfe125e234f7b1020b58897526cb06febaec25f1b227ae9b975d14c4cba7
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /index.php HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cr%2F%2F7300ZqpLeAJYfcV8Opy1hEa2UtvZ4FsgjZN%2B6i2aKndfzB1Zl9VJhZX6zYBL5bQpTS6V7xTtrs%2BtmqHu0l%2Fh99FDf36J9e3QMKn8pYjlYmMxjhovLY284Ju0hEX9JbQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f4c388bfb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l.top4top.io/m_1725u5z7i1.mp3 | 135.181.63.70 | | 20 kB |
URL l.top4top.io/m_1725u5z7i1.mp3 IP135.181.63.70:0 ASN#24940 Hetzner Online GmbH
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo Hashee5b5d12064ae26f839b882edb33da62 6fa93ef00f294eec4ef05276e81813db1e95e346 4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Wed, 24 Apr 2024 06:14:59 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Thu, 25 Apr 2024 05:51:39 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Wed, 24 Apr 2024 08:14:59 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
|
|
| a.top4top.io/m_1725zobal2.mp3 | 65.21.235.194 | | 18 kB |
URL a.top4top.io/m_1725zobal2.mp3 IP65.21.235.194:0 ASN#24940 Hetzner Online GmbH
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo Hash70ded6b0b406f9710307bc35e221629f 7034ec2ff72c936255b04c0890ce8976599380cc 22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Wed, 24 Apr 2024 06:14:59 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Thu, 25 Apr 2024 05:51:39 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Wed, 24 Apr 2024 08:14:59 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
|
|
| n8-h6.net-x.xyz/img/heade77r.jpg | 188.114.96.1 | | 634 kB |
URL n8-h6.net-x.xyz/img/heade77r.jpg IP188.114.96.1:0
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3 Size634 kB (634353 bytes) Hashf1eb8abe2de00a07c0bcc26b8123cb68 9472c04313084215b2b10950063ca6fb2ae9b37c 2d84b08c1d3e4dce9f22f9f921c808f974de9ba6d1773c16fadc8a6748f55198
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/heade77r.jpg HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: image/jpeg
content-length: 634353
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nT3AIZTxtEV6IqN%2FUC58Jdfyxvu%2Fw32XaYzare0%2F%2B03DKYniY9Y9aF24dxESZ6qgEIWkrz1yqHIcyKB9sSOZKu8UgPZTc8c1%2BJqi%2FrvZBMi6zPQLT1YRlDD7uzERx18oEfY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c36892b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/img/btn_item.png | 188.114.96.1 | | 44 kB |
URL n8-h6.net-x.xyz/img/btn_item.png IP188.114.96.1:0
File typePNG image data, 1280 x 433, 8-bit/color RGBA, non-interlaced Hash5275d53998d2f0983901cfb7eff3c15c fe22b6a215e341dba12443ad785362e0d5c1b726 dafc6643f0ea080b4db78a45ec8f3fe634a53f98922ee14cd2446bc7c430e565
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/btn_item.png HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:59 GMT
content-type: image/png
content-length: 43770
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2FhWBuk2SWDcE9ZbyR7yPG%2BUKV%2BYCHaL1W08AaDyAw4Vg83VCD4RYDr1%2B5H%2FF%2FEo1qWSHORVXMZF%2BcyTt0qHO1Blbav8iac7mUMamxoPzvY9MbnACMwG52%2FDt0lda1pUYcM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4c75bbeb529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| n8-h6.net-x.xyz/css/login/facebook.css | 188.114.96.1 | | 1.3 kB |
URL n8-h6.net-x.xyz/css/login/facebook.css IP188.114.96.1:0
File typeASCII text, with CRLF line terminators Hashfd6e7ff14c7ab84d49b81ffda94e1f0e 085b17f3d0c7930cb58566d0bd0bd112188bbf49 3f6bda1ccb8620f3b43081668d74ef60a33e39e3fb0abf086984fa6c995e97f1
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /css/login/facebook.css HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:14:58 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 06:14:58 GMT
last-modified: Tue, 23 Apr 2024 15:22:48 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZDALI0LhlCUeyfqfR6IwTUAWOO6tvKNz9jIeKn%2FS1HrJkgfYE297HDvP5WLM8NmOkFD2P7NtmymtiVrhdwVeA1qbQ5hdNxiZXB8bnCHrMEP6WIS7PSvZExZHVkU0TPMTHLw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8793f4c3588fb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500 | 142.250.74.170 | | 6.6 kB |
URL fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500 IP142.250.74.170:0
File typegzip compressed data, max compression Hash6d07c9b228e1ac50bd67dfec3959e5b8 1ea09c559e3ead5689d387f4fd4771697acc5b15 c2959c65abbbf921ca297d83a69c248f3ffd05ef824b40222d398fac21898338
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 06:14:58 GMT
date: Wed, 24 Apr 2024 06:14:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajax.twitterapis.com/ajax/libs/jquery/2.1.3/jquery.min.js | 0.0.0.0 | | 0 B |
URL GET ajax.twitterapis.com/ajax/libs/jquery/2.1.3/jquery.min.js IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.twitterapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| n8-h6.net-x.xyz/favicon.ico | 188.114.96.1 | 404 Not Found | 1.3 kB |
URL GET HTTP/3n8-h6.net-x.xyz/favicon.ico IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectnet-x.xyz FingerprintD5:34:05:58:56:20:F9:0B:3C:48:E0:33:1C:2D:22:FD:0E:1F:F9:DE ValidityThu, 28 Mar 2024 22:08:22 GMT - Wed, 26 Jun 2024 22:08:21 GMT
File typeHTML document, ASCII text, with very long lines (1285), with no line terminators Hash94f08a3a6562f7f079c4f5a67b7260e2 cc5d03e17c41ee6bb2ebf0d26d4354a486ca1823 44ea069d9a3f7dcea953ac173384578b6185f4b2ece05a6f4513b9fda29c4c29
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /favicon.ico HTTP/1.1
Host: n8-h6.net-x.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://n8-h6.net-x.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 06:14:59 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gLT7DCTMBLib247XvKKElZNulmSBFoQ8dFlQLhPd3So5VBj4CiFLtAso0BkjzgfTKtfSNcsHn8Isy6OESosLJuieKSCRiKJK0HJxEr5iXmneUSVSjN8cwoV3QD%2FDhbrhEvU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8793f4ccc8a2b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|